Tenon Intersystems Please see text links at bottom of page for navigation
Please see text links at bottom of page for navigation

Search tenon.com

Thanks to:

WebTen
[Top] [All Lists]
<prev [Date] next> <prev [Thread] next>

Re: Set Cookie for htDig?

To: webten@xxxxxxxxxxxxxxx
Subject: Re: Set Cookie for htDig?
From: James Harvard <james.tech.lists@xxxxxxxxxxxxxxxxxxxxx>
Date: Sat, 8 Jun 2002 13:15:05 +0100 
Doh!  I think we've missed the obvious solution!  Just because you prefer to 
offer people the more user-friendly option of a form-submitted password (I 
totally agree - realms are not very 'nice'), it doesn't mean that the site 
can't still accept an HTTP 'realms' type password as an alternative to a Cookie.

I presume that even if you're not using Corral methodology for your site, 
you've got some sort of centralised bit of code for authentication.  So could 
you put in something like this:

[If:(String_Length:(Form_Param:EncodeNone,'pswd'))>'0']
  [Var_Set:'password'=(Form_Param:EncodeNone,'pswd')]
[Else: If:(String_Length:(Cookie:EncodeNone,'pswd'))>'0']
  [Var_Set:'password'=(Cookie:EncodeNone,'pswd')]
[Else: If:(String_Length:(Client_Password))>'0']
  [Var_Set:'password'=(Client_Password)]
[Else]
  [Var_Set:'password'='']
[/If]

If the variable 'password' has a value you can then authenticate it against 
your FMP database.

Will this fit in with your setup?  (You may want to re-order the IF statements 
if there's any chance that the digger could follow a link that would submit a 
password in a Form_Param that would take precedence over the HTTP 
Client_Password.)

HTH,

James Harvard

> > Looking at the htDig docs it seems that you can specify an HTTP username &
>> password (realm type thing) for the digger to send when getting pages - is
>> this what you meant by a Lasso-authenticated pw?
>
>Not exactly. The Lasso-authentication works off a FileMaker database, and is
>being implemented explicitly because we don't want to use realms. Realms use
>a browser-generated dialog, and we wanted the log-in to be form-based.
> 
>> No mention of cookies though, but if you must have that I would be surprised
>> if there is not a modified version of htDig available, because it's just a
>> matter of sending an extra line of HTTP request with the cookie info in it.
>> But if there is such a thing, would it be compatible with WT?
>
>That's what I was thinking. I did just find this in the documentation for
>the WT-bundled htDig. In the "to do list," one of the last items is:
>>Support for browser cookies and a browser cache
>
>See the docs here:
>http://www.ascp.com/htdig/doc/TODO.html
>
>Unfortunately, I then found the same document on the live htDig list:
>http://www.htdig.org/TODO.html
>and it still has that same bullet item.
>
>So I guess if there's any answer, it'd be in the htDig list server, but it
>doesn't look good.
>
>But maybe I could get a new search engine. Does anyone know of one that does
>support cookies?
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: OT: Note on Denial-of-Service Vulnerability in ISC BIND 9, Robert Brandtjen
Next by Date:  Re: Set Cookie for htDig?, Robert Brandtjen
Previous by Thread:  Re: Set Cookie for htDig?, Ed Pastore
Next by Thread:  Re: Set Cookie for htDig?, Robert Brandtjen
Indexes:  [Date] [Thread] [Top] [All Lists]
| Tenon Home | Products | Order | Contact Us | About Tenon | Register | Tech Support | Resources | Press Room | Mailing Lists |

Powered By iTools

Copyright©2003 Tenon Intersystems, 232 Anacapa Street, Suite 2A, Santa Barbara, CA 93101. All rights reserved.
Questions about our website - Contact: webmaster@tenon.com.

Tenon Home Tenon Home Tenon Home Tenon Home Product Info Tenon Ordering Contact About Register Support Resources Press Mailing Lists